What the the Open source Library available in the C#.NET for the SSO.
Basically I want to connect with Google SSO then will further continue with other providers.
Check out: DotNetOpenAuth
Also, you may want to check the following links:
http://msdn.microsoft.com/en-us/library/ms972971.aspx
http://weblogs.asp.net/hernandl/archive/2004/06/09/ssoformsauth.aspx
The Windows Identity Foundation (WIF) is Microsoft's official library for identity federation.
In your scenario you can also use Access Control Service (ACS) to federate identity with Google, Yahoo!, etc. All of them (and more) are supported out of the box.
Samples, documentation, etc. available here: http://claimsid.codeplex.com
If you have a bit more control over your servers, Shibboleth might be an option as well. It actually simplified a large portion of our application that serves thousands of users and it is well thought out, flexible, and scalable. Basically, define a directory that should be watched for credentials and Shibboleth takes care of the rest.
You should use DotNetOpenAuth, as stated in Kamyar's answer. If you want to see a whole implementation using DotNetOpenAuth and other series of auxiliary libraries, you should have a look at this article:
Integrating OpenID in ASP.NET Web Forms using DotNetOpenAuth
Related
I have done some searching around both on here and also the web. I need to have SharePoint 2013 use an IP STS for authentication, but I can't use ADFS because the AD does not have all the users. I need to write my own IP STS but can't find any good examples.
I have found ThinkTecture's Embedded STS. While I can certainly dig in to an open-source project to see if it can do what I need, I just can't believe there aren't any examples of how to do this on the web. All the examples on MSDN assume you want to use ADFS with SharePoint which is more than presumptuous, and frankly annoying.
Does anyone know of any good resources I can use to roll my own IP STS other than wading in an open-source project from the get-go?
Why do you want to write your own? - there are a lot of other STS e.g. OpenAM, PingFederate etc. that you can use in place of ADFS. shibboleth is an widely used open-source STS that sits on top of a variety of identity repositories.
Writing a secure STS is hard.
Not sure what version of VS you have but VS 2010 had the ability to create a STS framework for you (plus templates) that you could build on and I suspect VS 2012 also had if you added the "Identity and Access Tool"?
Also: Building a simple custom STS using VS2012 & ASP.NET MVC among others.
I am trying to set up an IDP-Initiated SSO. I am helping out the IT department at the company I work at and do not have access to Active Directory right now (I am in intern doing IT in another department and they seem to think I can test without it).
The only data I need to get from AD is the user's login id, so in theory I don't think not having access to AD will be a problem...?
(Username should be the same as .NET's:
`Environment.UserName; ')
My task is to basically create a SAML token and send it to our RP (on another domain), who should take care of the rest.
Where can I start? I've not done something like this, so I'm sort of confused. I believe I just need to build a token and then post it, but I'm not sure how to begin. I've looked at some tutorials but they don't seem to fit my situation. If anyone has any tutorials on my specific case it would be much appreciated.
Thank you!
You've tagged this C# and .NET so looks like you live in the Microsoft world.
The normal way to do this is via ADFS and then configure your RP.
But you want to do IDP Initiated which is a SAML feature. What protocol does your RP support? There is no client-side Microsoft SAML support - although there are 3rd party tools.
Update
Suggest using ADFS - good example of how to configure here.
Years ago I wrote a 6 part tutorial on integrating a custom STS with the ADFS. Part 2 of that tutorial is on creating a custom STS.
http://www.wiktorzychla.com/2011/08/quest-for-customizing-adfs-sign-in-web.html
Note that the tutorial aims at WIF 4 that was a separate download at that time. Nowadays, WIF is integrated with .NET 4.5 so that some subtle details (namespaces etc) can vary.
Also note that WIF supports SAML 1.1.
I'm looking for SSO options for .NET/C# and so far came across OpenID and DotNetOpenAuth. Have yet to look into them in detail but just wanted to ask for some suggestions of what else I should consider.
I'm looking to implement SSO for Google & Facebook, and ideally it would be a single 3rd party library that supports both, trying to avoid manually implemented each one.
If you've dealt with this previously, please share the approach/tools used.
Thanks in advance!
OpenID and DotNetOpenAuth are by far your best options.
Helpful Link for DotNetOpenAuth
http://www.tkglaser.net/2012/03/single-sign-on-using-facebook-in-asp.html
EDIT: DotNetOpenAuth home:
http://www.dotnetopenauth.net/
Helpful Link for OpenID
http://www.hanselman.com/blog/TheWeeklySourceCode25OpenIDEdition.aspx
One other thing you might want to look into is the use of Azure ACS.
Here's an example enabling Windows Live and Facebook.
I've also used it against google credentials.
In this approach, you actually configure your application to interact only with Azure ACS, and configure which identity providers you want to enable through Azure's UI. So your application doesn't need to worry about each provider separately, and you could indeed add more providers without changing a single line of code in your application.
I'm looking for a library that will allow me to use OAuth in my ASP.NET/C# applications, such that I can authenticate users using one of the following OAuth providers
Google
Yahoo!
Twitter
I've looked at various open source libraries and find that there is one issue or another with them (some don't work at all, some work against one service not not others). I've also looked at OAuthDotNet and I must admit that I find it way too complicated to figure out how to begin using it and so I've not really tried it.
So essentially I'm looking for a simple to use library that works against the above mentioned providers (at least).
Jackie I have a blog post on this
OAuth C# Library
There is a library (including source code) and a simple sample project you can download to get started with this.
I've tested it against
1. Google
2. Twitter
3. Yahoo
4. Vimeo
You don't mention the version of OAuth you'd like to support so you should know that the library supports OAuth 1.0 revision A only and not OAuth 2.0. Most site today support OAuth 1.0 revision a.
I've kept the sample project very simple intentionally, so those starting out down this path don't have to struggle trying to figure out how to use the library. The library is not "over engineered" like I believe some libraries out there are so it is fairly simple to enhance if need be. But I suggest you attempt that only after you've familiarized yourself with the OAuth protocol.
The project in fact is an open source project hosted on Google code (link in the blog post).
Note: Due to the way Yahoo! has implemented their service it is not possible (or not simple) to test against their service from your development machine.
I hope this helps.
DotNetOpenAuth is open source library that supports OpenID, OAuth and
support for your site visitors to login with their OpenIDs.
Twitter Libraries in different languages.
Google Data client libraries are written to support client applications to access APIs.
Libraries are written in different types of languages.
If you're looking to just to Twitter then I would suggest twitterizer. It's a great library with a fairly good community and support.
http://byatool.com/c/connect-your-web-app-to-twitter-using-hammock-csharp/ (Wayback archive link.)
http://hammock.codeplex.com/ (Moved to github here: https://github.com/danielcrenna/vault/tree/master/hammock)
these link might be helpful.
I'd like to implement OpenID in a new application using ASP.NET 2.0 and SQL Server 2005.
I chosen Twitter, Facebook and Google as potential OpenID providers.
I've found the Twitter implementation in .NET and I was studying Google's OpenID implementation, but I want to make sure that my design is (mostly!) flawless.
Is my database schema correct? I've associated a Reader with an ProviderOpenID which contains only a nullable Name column. I store the OauthToken and use that at every request to gain access to his profile and verify the login. Am I missing something?
Can anyone tell me if there is an Open Source Library for the .NET implementation of the OpenID provider for Google? I found the following tutorial on Google but I don't understand how it works. Has anyone tried this? Is this the best way to do this?
Facebook and Twitter are not OpenID Providers. It looks like you've already found solutions to their proprietary mechanisms however. But I just wanted to clarify what it is and isn't.
Yes, Google is an OpenID Provider. And for ASP.NET 2.0 DotNetOpenId, which you linked to, is the way to go IMO. Don't mind the wiki (which was down at the time but is up now). That's to the new DotNetOpenAuth library which targets .NET 3.5. Since you're targeting .NET 2.0 specifically (is this intentional?) you need to go with the DotNetOpenId that is on the Google Code project site (http://dotnetopenid.googlecode.com/) and ignore the "We've Moved" link, since that leads you to the .NET 3.5 library. What you want is DotNetOpenId v2.5.5. It comes with samples that show you how to get OpenID going.
Note that Google has a few peculiarities with how they do OpenID, the most notable of which is that typing "google.com" as the openid identifier doesn't work (currently). You have to type the longer https://www.google.com/accounts/o8/id
I think I was listening to a dotnetrocks podcast about the guy that wrote this tool authentication tool:
https://rpxnow.com/.